CVE DATABASE / CVE-2003-1566
CVE-2003-1566
CVSS 5 · MEDIUM
Summary
Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.
CVSS 2.0 breakdown
| Base score | 5 (MEDIUM) |
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | NONE |
| Integrity | PARTIAL |
| Availability | NONE |
Weakness type (CWE)
Affected products
Microsoft internet information services
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0321.html
- http://www.aqtronix.com/Advisories/AQ-2003-02.txt
- http://www.osvdb.org/4864
- http://www.securityfocus.com/bid/9313
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14077
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.